We're Welcoming Two New Members to Our Board of Directors

 

Today, we're welcoming two new members to our Board of Directors: Julius Mittenzwei and Ramy Raoof. 

“Julius and Ramy bring a wealth of diverse experience in internet activism and organizational leadership to Tor’s Board,” said Shari Steele, Executive Director of the Tor Project.

About Julius Mittenzwei

Julius Mittenzwei is a lawyer and internet activist with 19 years of leadership experience as an Executive Director and entrepreneur in the publishing industry. He is a longtime Tor advocate with a background in the Free Software movement and member of the Chaos Computer Club (CCC), one of the oldest hacker collectives in the world. Along with CCC, he has been running Tor nodes since 2005. As a lawyer, he has represented several Tor exit node operators accused of abuse. He holds a PhD in Copyright Law from LMU Munich. 

About Ramy Raoof

Ramy Raoof is a technologist and privacy and security researcher with a passion for free/open culture. He has provided and developed digital security plans and strategies for NGOs and members of the media, emergency response in cases of physical threats, support on publishing sensitive materials, secure systems for managing sensitive information, and operational plans for human rights emergency response teams, in Egypt and the MENA region. Most recently, Ramy has been volunteering with different NGOs and civil liberty groups in Central & South America, to enhance their privacy and security through means of behavioral change based on understanding surveillance and threat models in their own contexts and environments. Among different hats, Ramy is Senior Research Technologist at the Egyptian Initiative for Personal Rights (EIPR), Research Fellow with Citizen Lab, and currently a volunteer visitor with Fundación Acceso assisting collectives and networks in Central America around infosec and activism. He is also an Internet Freedom Festival Fellow on security and privacy best practices. Ramy has received multiple international awards for his important work. Most recently, Ramy received the 2017 Heroes of Human Rights and Communications Surveillance from Access Now earlier this month. 

About the Tor Project

The Tor Project is a US 501(c)(3) non-profit organization advancing human rights and freedoms by creating and deploying free and open source anonymity and privacy technologies, supporting their unrestricted availability and use, and furthering their scientific and popular understanding. For more information, contact Stephanie A. Whited at steph@torproject.org

hunter2

October 11, 2017

Permalink

This is good news! The qualifications of the new members are very impressive.

Many thanks to Shari S and the Board for continuing to solidify Tor Project's status as a human rights organization. I believe this is essential not only for protecting some of the most endangered people in the world (human rights researchers, and perhaps, increasingly, even citizens who merely contribute financial support to human rights groups) but for reducing the likelihood that the USG and allied governments will declare Tor Project a "terrorist organization" [sic], or otherwise declare participation in the Tor movement to be "illegal" [sic].

hunter2

October 12, 2017

Permalink

Great news! And welcome to the newcomers.

I want to make sure the Board is aware that FBI and DOJ continue to press Congress to outlaw unbackdoored citizen cryptography. In particular, Rod Rosenberg has mentioned "OS updates" as something LEAs "must" [sic] be able to mess with in order to insert malware into the downloaded patches. This appears to target the wonderful and invaluable initiative by Tor Project and Debian Project to provide onion mirrors for the Debian repo. And as recent reports about Python show, this program should be expanded to CPAN (Perl), CRAN (R), SciPy repo, and other crucial tools often used by FOSS coders. (CRAN isn't even cryptographically signed, an appalling circumstance.)

thehill.com
GOP rep on responsible encryption: 'You can call it whatever you want'
Joe Uchill
12 Oct 2017

> ...
> On Tuesday, during a talk about encryption at the Naval Academy, Deputy Attorney General Rod Rosenstein gave his most thorough remarks on the subject. “Responsible encryption is achievable. Responsible encryption can involve effective, secure encryption that allows access only with judicial authorization. Such encryption already exists," he said. Rosenstein pointed to the systems used to update software as one example of "responsible" encryption. A vulnerability in that update process led to one of the largest cybersecurity incidents in the last year, when attackers attached the NotPetya malware to an update in Ukrainian accounting software. NotPetya ultimately crippled the global shipping industry and major unrelated firms.

In other words, Rod Rosenstein is calling for cryptographically protected software updates, *provided* that a backdoor is provided for USG (and anyone else who can figure out how to exploit the backdoor, of course). Cybersecurity experts uniformly oppose software backdoors, of course, because these are built-in security vulnerabilities. The physical analogy: RR is calling for all homeowners to install shiny new locks, and demanding that they all place a copy of the key under the doormat. If such legislation were enacted, it would not take GRU or criminals very long to discover that they only need lift the doormat to access every US citizen's private information.

Also, Tor users in the US can join EFF members in asking their Congressional representatives to vote against the 702 reauth, particularly the "backdoor searches" by FBI and other agencies, which might actually succeed if we can ramp up grass-roots opposition:

thehill.com
Opposition mounts against bill to renew surveillance program
By Katie Bo Williams
12 Oct 2017

> ...
Goodlatte’s proposal would place modest limits on the NSA by requiring officials investigating ordinary crimes to obtain a court order before viewing the content of any communications collected under that program, including those sent by Americans. The legislation does not place the same limits on national security investigators, who are believed to use the database far more frequently. “The bill’s primary reform creates a loophole where backdoor searches of U.S. persons can continue ostensibly for ‘foreign intelligence purposes,’” civil liberties advocacy group Demand Progress wrote in a release commenting on the measure. “This makes it likely that the exception would swallow the rule.”

Both Republican and Democratic members oppose Goodlatte's reauth bill.

More evidence has recently surfaced which confirms that NSA and FBI are exploiting backdoor searches to obtain the medical and banking records of many--- perhaps all--- US citizens, for example by snagging data in transit during improperly secured backups.

thanks for your article : nice & clearly documented.

about the medical records , it is less at 100% related at the fbi (small research, more illegitimate than illegal, personal usage often, sick team ... harassment & racketing policy until suicide or hospital _ mental hospital also) than a pandemic survey from private companies & medical center obeying to the nsa (joint-venture) : a disease, a difference, an abnormality, a fantasy or personal behavior or an unclear gender is less & less tolerated in more & more countries:regions.

it is considered as an dangerous genetic:virus risk from ... a lot of persons ; not all are living in the high social class. i do not think they will need a backdoor in a near future , dna recorded on data center (which justice is one of the worst) are yet a famous base , jehovah center is concerned & 'meetic' too.

about banking records , it is a very difficult subject.
when you are in vacation/holiday , and go abroad : they do know how many money you have in your wallet & in your bank account and it is not coming from a hidden nsa ops , it is a bank survey done with the agreement of most all govt (tourism agency policy).

using a backdoor or a malware could allow 'an unknown civil servant', an elected person and even
someone who works in a bank to manipulate your account which transfer, number, destination.

i do not know how you could avoid medical & banking recorded exploited by back-door when the same things are yet used since several years by legitimate & legal communities, firms, honorable societies, foundations, (yesterday it was for promoting space tomorrow it will be for experimenting cloning human being) ...

implementing a backdoor sounds as a sadism measure without real justification.

hunter2

October 31, 2017

Permalink

Question for Ramy Raoof (formerly of Citizen Lab in Canada):

I need to get in touch with Citizen Lab but cannot use email. Years ago, CL had a phone number in their website, but it has been removed. Is it possible to snail mail or call CL?

TIA.

Join the discussion...

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

7 + 11 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.